Filter and search through 196,421 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-40677 | SQL injection vulnerability in Summar Software´s Portal del Empleado. This vulnerability allows an attacker to retrieve, create, update, and delete th... | 0.0 | 0 | Neutral | Yes |
| No |
| CVE-2025-40676 | Insecure Direct Object Reference (IDOR) in Negotiator v3.15.2 from Biobanking and Biomolecular Resources - European Research Infrastructure (BBMRI-ERI... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40674 | Reflected Cross-Site Scripting (XSS) in osCommerce v4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sen... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40673 | A Missing Authorization vulnerability has been found in DinoRANK. This vulnerability allows an attacker to access invoices of any user via accessing... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40672 | A Privilege Escalation vulnerability has been found in ProactivaNet v3.24.0.0 from Grupo Espiral MS. This vulnerability allows any user to override th... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40671 | SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an attacker to retrieve, create, update and delete databases ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40663 | Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version 23.02.01.17, from i2A. It allows an authenticated attacker to upload a malicious... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40653 | User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could all... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40652 | Stored Cross-Site Scripting (XSS) vulnerability in the CoverManager booking software. This allows an attacker to inject malicious scripts into the app... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40651 | Reflected Cross-Site Scripting (XSS) vulnerability in Real Easy Store. This vulnerability allows an attacker to execute JavaScript code in the victim'... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40650 | Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student re... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40649 | Stored Cross-Site Scripting (XSS) in Biobanking and Biomolecular Resources Negotiator v3.15.2 - European Research Infrastructure (BBMRI-ERIC), consist... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40648 | Stored Cross-Site Scripting (XSS) vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, throug... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40647 | Stored Cross-Site Scripting (XSS) vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, throug... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40645 | Exposure of sensitive information in Viday. This vulnerability could allow an unauthenticated attacker to obtain sensitive information about customers... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40644 | Reflected Cross-Site Scripting (XSS) vulnerability in Riftzilla's QRGen. This vulnerability allows an attavker to execute JavaScript code in the victi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40642 | Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to execute arbitrary code through the 'q' and 'engine' re... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40641 | Cross-site Scripting (XSS) vulnerability stored in Multi-Purpose Inventory Management System, consisting of a stored XSS due to lack of proper validat... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40636 | SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability allows an attacker to retrieve database content via the ‘... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40635 | SQL injection vulnerability in Comerzzia Backoffice: Sales Orchestrator 3.0.15. This vulnerability allows an attacker to retrieve, create, update and ... | 0.0 | 0 | Neutral | No | No |